Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0456

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-0456
Last Modified 05 Sep 2008 04:46:20
Published 12 Jan 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0456

Summary

Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code.

Vulnerable Systems

Application

  • Opera Software Opera Web Browser 5.0

  • Opera Software Opera Web Browser 5.0.2

  • Opera Software Opera Web Browser 5.1.0

  • Opera Software Opera Web Browser 5.1.1

  • Opera Software Opera Web Browser 5.12

  • Opera Software Opera Web Browser 6.0

  • Opera Software Opera Web Browser 6.0.1

  • Opera Software Opera Web Browser 6.0.2

  • Opera Software Opera Web Browser 6.0.3

  • Opera Software Opera Web Browser 6.0.4

  • Opera Software Opera Web Browser 6.0.5

  • Opera Software Opera Web Browser 6.0.6

  • Opera Software Opera Web Browser 6.10

  • Opera Software Opera Web Browser 7.0

  • Opera Software Opera Web Browser 7.0 Beta1

  • Opera Software Opera Web Browser 7.0 Beta2

  • Opera Software Opera Web Browser 7.0.1

  • Opera Software Opera Web Browser 7.0.2

  • Opera Software Opera Web Browser 7.0.3

  • Opera Software Opera Web Browser 7.10

  • Opera Software Opera Web Browser 7.11

  • Opera Software Opera Web Browser 7.11b

  • Opera Software Opera Web Browser 7.11j

  • Opera Software Opera Web Browser 7.20

  • Opera Software Opera Web Browser 7.20 Beta1 Build2981

  • Opera Software Opera Web Browser 7.21

  • Opera Software Opera Web Browser 7.22

  • Opera Software Opera Web Browser 7.23

  • Opera Software Opera Web Browser 7.50

  • Opera Software Opera Web Browser 7.51

  • Opera Software Opera Web Browser 7.52

  • Opera Software Opera Web Browser 7.53

  • Opera Software Opera Web Browser 7.54

  • Opera Software Opera Web Browser 9.10


References

CERT-VN - VU#882926

CONFIRM - http://www.opera.com/linux/changelogs/754u2/

GENTOO - GLSA-200502-17

SECUNIA - 13818

XF - opera-data-dialog-spoofing(18867)

SUSE - SUSE-SA:2005:031


Last Updated: 27 May 2016 10:39:48